top of page

Data Protection

Introduction

​

It is our obligation to protect the confidentiality, integrity and accessibility of our customers’, suppliers’, partners’ and employees’ data, including personal data. Protecting personal data is essential to us, and we are continuously working on ensuring compliance with applicable data protection legislation, including the General Data Protection Regulation (GDPR).

​

Data processing activities and legal basis

​

When Squares d.o.o. has entered into a client engagementpersonal data are processed in connection with the provision of consultancy services. Squares d.o.o. then act like a data processor, as we process personal data on behalf of our customers and in agreement with customer preferences. 

The purpose of data processing lies within the management of customer relations, including financial and contract administration, with data subjects being clients and customers, including their employees.

The customer and Squares d.o.o. enter into a data processing agreement containing instructions, terms and conditions for Squares d.o.o. processing of personal data. This data protection policy contains information on how Squares d.o.o. processes personal data, when we are the data controller.

The processed personal data consists of non-sensitive personal data, i.e. name, position, contact details.

The legal basis of data processing activities is found in the General Data Protection Regulation (GDPR).

Article 5(1)(a) GDPR provides that personal data must be processed lawfully, fairly and transparently in relation to the data subject.

Article 5(1)(b) of the GDPR provides for the purpose limitation principle, which requires that personal data must be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

Article 5(1)(c) provides for data minimization as a principle, i.e. processing as little data as possible in order to achieve the purpose
This assessment complements the necessity assessments pursuant to Article 6(1)(b) to (f). Article 6(1) of the General Data Protection Regulation1 (GDPR) specifies that processing shall be lawful only on the basis if the specified conditions set out in Article 6(1)(a) to (f) are met, which is the obligation of the data processor. In order to pursue our legitimate interest to manage contracts and invoices, and in order to evaluate the customer relationship, to manage and maintain IT systems, to administer and manage our website, systems and applications, statistics and business development, Squares d.o.o. may process data in accordance to GDPR, Article 6(1)b to (f).

Disclosure to third parties: Personal data may be disclosed to subcontractors who are directly involved in the project for the customer.

The data retention period is five (5) years after the latest project for the customer has been completed.

​

Use of cookies on our websites

​

This Website uses so-called “technical” Cookies and other similar Trackers to carry out activities that are strictly necessary for the operation or delivery of the Service in order to optimize the user experience.

​

Security of processing

​

Data security is a high priority at Squares d.o.o.. We work seriously and professionally with information security, and we base our work on internationally recognized security standards. We have implemented security measures to ensure data protection of customer data, personal data and other confidential data. We conduct regular internal follow-ups in relation to the adequacy and compliance of policies and measures.

We occasionally use other third parties, such as subcontractors, in connection with the provision of our services. Such third parties may be granted access to personal data in order for them to be able to provide the agreed service. Squares d.o.o. enters into data protection agreements that are necessary in order to ensure that security is in place to protect data and comply with our data protection obligations.

.

Your rights as a data subject

​

As a data subject, you have the following rights pursuant to the General Data Protection Regulation:

  • You have the right to access your personal data that we process.

  • You have the right to have your incorrect personal data rectified without delay.

  • You have the right to have your personal data erased at any time.

  • You have the right to restrict our processing of your personal data, where appropriate. We may then only process your data with your consent or as outlined in the General Data Protection Regulation.

  • You have the right to receive your personal data in a structured, commonly used and machine-readable format.

  • You have the right that your personal data be transmitted to another data controller.

  • You have the right to withdraw your consent of your personal data being processed at any time.

​

Changes to this data protection policy

​

As transparency is an ongoing responsibility, we will continually review and update this data protection policy to ensure our compliance with the GDPR.

The data protection policy was last updated in December 2023.

​

Contact

​

Please contact us if you would like to claim your rights as described above, or if you have questions about our processing of your personal data or this data protection policy.

 

Squares d.o.o.
Gospocak 17, HR-10'000 Zagreb
Tel: +385 99 610 10 03

squares@squares.hr

.

Complaints

​

If you wish to complain about our processing of personal data, please send an email with the details of your complaint to squares@squares.hr.

We will handle your complaint and get back to you.

​

Statutory rules

​

The applicable statutory rules for processing of your personal data by Squares d.o.o. may be found in:

  • The General Data Protection Regulation (GDPR)

bottom of page